Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS199524.roa
File: AS199524.roa (raw, json)
Hash identifier: AuTLzHiL6xnlquBDGAbc4JeDfy5gwN8OxCl6PBE4m64=
Subject key identifier: 6C:79:41:C1:57:60:51:FF:7B:CC:1B:2A:CC:E3:78:63:8E:BD:F1:4F
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 1F35F10E1E6B477E3766A55BDD61C2E1F7B040AC
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS199524.roa
Signing time: Sun 15 Feb 2026 16:37:07 +0000
ROA not before: Sun 15 Feb 2026 16:32:07 +0000
ROA not after: Sun 14 Feb 2027 16:37:07 +0000
asID: 199524
IP address blocks: 82.25.36.0/24 maxlen: 24
178.83.197.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:35:f1:0e:1e:6b:47:7e:37:66:a5:5b:dd:61:c2:e1:f7:b0:40:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Feb 15 16:32:07 2026 GMT
Not After : Feb 14 16:37:07 2027 GMT
Subject: CN=6C7941C1576051FF7BCC1B2ACCE378638EBDF14F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:d6:61:92:c7:b6:24:78:d1:c5:4b:83:a6:40:
81:d9:70:fa:9f:b0:00:65:ea:de:da:7e:1e:aa:21:
74:8f:d8:48:67:46:a4:77:f8:0a:59:c0:f6:2d:e0:
a8:7a:66:a8:e9:3b:04:78:da:a6:18:7a:2b:a5:93:
17:a3:c9:37:eb:d7:c5:56:4e:f4:fc:e2:9e:6e:34:
ad:26:07:2e:67:e2:cc:c8:03:9b:19:cf:80:15:78:
4f:41:f7:b8:88:6d:63:c4:52:24:07:dc:4e:7c:f6:
fb:ef:c3:64:08:16:36:16:4a:fc:19:a7:fd:de:7b:
a2:a8:dd:b9:90:17:2d:63:ff:ae:ec:04:01:7c:fb:
ea:25:22:43:c6:c8:6f:3b:63:34:54:8f:1e:78:ed:
b7:fe:5a:2b:65:e6:4a:18:6e:be:56:63:8d:97:e3:
34:f3:76:11:9f:53:f4:9e:26:e9:d4:45:1b:2e:74:
f1:5f:f8:a6:97:e5:65:3d:4f:51:c2:1a:8f:cd:ea:
3d:00:38:c5:3c:bb:aa:e7:fe:4d:08:25:d3:8b:e2:
b0:e9:8e:a8:ba:cc:8f:3c:00:7a:94:e3:39:e1:65:
fd:89:23:43:63:48:fd:16:a5:71:e6:05:58:e6:83:
c4:3a:b1:78:da:29:af:0d:28:68:31:88:93:e0:1c:
73:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:79:41:C1:57:60:51:FF:7B:CC:1B:2A:CC:E3:78:63:8E:BD:F1:4F
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS199524.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.25.36.0/24
178.83.197.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:bb:a6:35:ab:81:5f:1d:3c:20:87:74:3b:01:52:55:48:18:
94:fb:be:fa:f7:a6:73:da:da:fe:02:2d:ea:82:55:69:06:21:
d1:c4:39:b6:b9:64:e4:ab:43:1e:59:4d:a9:f2:53:78:fe:1b:
1e:bd:e1:b2:33:42:8d:c6:64:15:cd:d9:30:c8:35:ed:b5:19:
0e:69:70:4c:8a:5b:b2:05:91:16:d4:38:7e:e7:cd:49:a4:54:
5c:e9:9a:ec:f2:a6:1d:c7:d0:23:a9:d6:d5:6b:d8:c3:0b:c5:
da:73:b2:81:c2:b9:57:84:45:c0:e9:2e:8d:45:e6:bc:c8:75:
c3:67:8c:e2:bf:e2:13:63:8a:a9:71:89:14:ef:b3:6d:64:69:
8e:df:63:ed:95:23:a5:e5:29:c0:f0:0f:e8:dd:9b:6f:04:db:
d8:26:f8:60:b1:29:0c:ed:ed:05:e7:2a:7e:48:55:63:2e:8a:
9d:c5:12:9c:64:d5:51:6e:6e:56:da:85:17:1c:66:0a:16:8f:
a1:0d:25:e9:fa:6a:79:db:cd:80:5a:0e:7e:17:12:6f:e0:bc:
80:05:5c:6d:dc:14:0e:1c:fc:b8:43:45:99:d6:1d:c6:81:6e:
c1:da:78:dc:bf:78:de:db:04:31:c3:5d:60:95:ab:22:91:4c:
86:0c:9d:59
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUHzXxDh5rR343ZqVb3WHC4fewQKwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAyMTUxNjMyMDdaFw0yNzAyMTQxNjM3MDdaMDMxMTAvBgNV
BAMTKDZDNzk0MUMxNTc2MDUxRkY3QkNDMUIyQUNDRTM3ODYzOEVCREYxNEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC51mGSx7YkeNHFS4OmQIHZcPqf
sABl6t7afh6qIXSP2EhnRqR3+ApZwPYt4Kh6ZqjpOwR42qYYeiulkxejyTfr18VW
TvT84p5uNK0mBy5n4szIA5sZz4AVeE9B97iIbWPEUiQH3E589vvvw2QIFjYWSvwZ
p/3ee6Ko3bmQFy1j/67sBAF8++olIkPGyG87YzRUjx547bf+Witl5koYbr5WY42X
4zTzdhGfU/SeJunURRsudPFf+KaX5WU9T1HCGo/N6j0AOMU8u6rn/k0IJdOL4rDp
jqi6zI88AHqU4znhZf2JI0NjSP0WpXHmBVjmg8Q6sXjaKa8NKGgxiJPgHHNHAgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQUbHlBwVdgUf97zBsqzON4Y4698U8wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTk5NTI0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUhkk
AwQAslPFMA0GCSqGSIb3DQEBCwUAA4IBAQB6u6Y1q4FfHTwgh3Q7AVJVSBiU+776
96Zz2tr+Ai3qglVpBiHRxDm2uWTkq0MeWU2p8lN4/hseveGyM0KNxmQVzdkwyDXt
tRkOaXBMiluyBZEW1Dh+581JpFRc6Zrs8qYdx9AjqdbVa9jDC8Xac7KBwrlXhEXA
6S6NRea8yHXDZ4ziv+ITY4qpcYkU77NtZGmO32PtlSOl5SnA8A/o3ZtvBNvYJvhg
sSkM7e0F5yp+SFVjLoqdxRKcZNVRbm5W2oUXHGYKFo+hDSXp+mp5282AWg5+FxJv
4LyABVxt3BQOHPy4Q0WZ1h3GgW7B2njcv3je2wQxw11glasikUyGDJ1Z
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:37:57 2026 by rpki-client